mirror of
https://github.com/openclaw/openclaw.git
synced 2026-06-29 22:43:34 +00:00
32 lines
1.3 KiB
TypeScript
32 lines
1.3 KiB
TypeScript
// OAuth utility helpers provide PKCE, state, and redirect primitives for plugin auth flows.
|
|
import { createHash, randomBytes } from "node:crypto";
|
|
|
|
/**
|
|
* Encode a flat object as application/x-www-form-urlencoded form data.
|
|
*
|
|
* @deprecated OAuth provider-owned helper; keep this local to provider plugins instead.
|
|
*/
|
|
export function toFormUrlEncoded(data: Record<string, string>): string {
|
|
return Object.entries(data)
|
|
.map(([key, value]) => `${encodeURIComponent(key)}=${encodeURIComponent(value)}`)
|
|
.join("&");
|
|
}
|
|
|
|
/**
|
|
* Generate a PKCE verifier/challenge pair suitable for OAuth authorization flows.
|
|
*
|
|
* @deprecated OAuth provider-owned helper; keep this local to provider plugins instead.
|
|
*/
|
|
export function generatePkceVerifierChallenge(): { verifier: string; challenge: string } {
|
|
const verifier = randomBytes(32).toString("base64url");
|
|
const challenge = createHash("sha256").update(verifier).digest("base64url");
|
|
return { verifier, challenge };
|
|
}
|
|
|
|
/** Generate a PKCE verifier/challenge pair with a 64-character hex verifier. */
|
|
export function generateHexPkceVerifierChallenge(): { verifier: string; challenge: string } {
|
|
const verifier = randomBytes(32).toString("hex");
|
|
const challenge = createHash("sha256").update(verifier).digest("base64url");
|
|
return { verifier, challenge };
|
|
}
|